Kelly Martin, 2004-03-17
It only takes a 12KB virus for total system compromise and a highly effective spam engine. Anyone can make one. Some assembly required.
The 12kb Bomb
2004-03-17
Anonymous (3 replies)
Well, the analogy is not entirely true, because any engineering marvel can be taken down with a device which is "insignificant" in size. Any recent historical event should show this.
The problem is not entirely the code (tho Microsoft does have liabilities), or the building, or the dog, or whatev...
The 12kb Bomb
2004-03-19
Anonymous
The problem still lies with the users. No amount of firewalling, AV tech, padlocks, will protect a dumb and uneducated user from blowing his machine up.
Actually the fault DOES lie with Microsoft. People don't have these problems in a Unix environment, because the multiuser capabilities weren't ...
The 12kb Bomb
2004-03-22
Anonymous
Cisco has a product out that actually puts itself between the user and the OS, potentially stopping a virus/worm/dog/whatever from installing itself. It's a tight lockdown that alerts the user when something is trying to do something "unauthorized". It's called CSA and it *rocks*....
The 12kb Bomb
2004-03-17
Anonymous (1 replies)
The sad thing of this story is the many missed opportunities to have corrected this in the past and the continued thinking that adding patches to patches is going to somehow magically clean the mess....
The 12kb Bomb
2004-03-17
Anonymous (1 replies)
not just a microsoft problem
2004-03-17
Dmitriy Martynov (2 replies)
Great article, although it is not merely a Microsoft problem. Take virtually any OS, and it will be a monolith that can potentially be taken down with a few kilobytes of malicious code. Software comes out to maximize the use of the hardware. For example, MacOS X does not run very well on my G3 Pismo...
re not just a microsoft problem
2004-03-18
Anonymous
Sure it's not just a microsoft problem. There's no system that gets compromised with code greater than a few K.. everyone knows that.
One small bug is all it takes to exploit it, all it needs to do is provide a point of entry for an attack to expand.
However, this article isn't about technical thi...
err...
2004-03-17
Anonymous (2 replies)
I don't get it. I may be wrong here but... despite the lack of security Microsoft products offer (very known issue), what else does the article point out? I mean, 12kb of code is usually enough to compromise any system that has indeed a security hole. Microsoft has indeed a bad security history and...
err...
2004-03-18
Morr
There is nothing new about this article. It's yet another waste of a professional's time and designed to frighten the general public into pouring more money into security. It doesn't actually say anything exciting unless you don't understand it, then it seems frightening. He gets to keep his jo...
err...
2004-03-22
Anonymous
I don't get what all the fuss is about - anyone remember the ZX81? had 1K of ram and had games like defender on it? Why is everyone going overboard on how this 12K is so neat to be a compromise. Remember the BBC Micro - its Operating System fit on an 8K rom. The Basic Interpreter fit inside an 8K r...
The 12kb Bomb
2004-03-18
theeta
Exactly!! and all these worms are spreading not because of some 'hole' in windows, they are spreading because of the lameness of windows users who are simply executing whatever they receive as an attachment.
Similar kind of things can happen on any *nix also if users start executing the receive...
The 12kb Bomb
2004-03-18
Anonymous
The average virus writer is, 99% of the time, someone like you with a full time job, a house, and a wide circle of friends.
Get your facts right :] Maybe you should take a leaf out of Sarah Gordon's book.
http://news.bbc.co.uk/1/hi/technology/3240901.stm
"All those years of research and cont...
The 12kb Bomb
2004-03-18
Anonymous
Hmm, it's not really a technical article. Merely it's nice to think about it as a large system that gets compromised by this little thing and can actually do something useful :). I understand that.
But most exploits are only a few kb in size.. look at shellcode.. that's very tiny but that's because...
The 12kb Bomb
2004-03-18
mes365
This article along with many articles produced by security focus is very technically sound and thank God it's written with a little bit of creativity. Our writer is taking a technical issue and breaking it down for the average user. This article very effectively educates one on some portion of wor...
A better analogy
2004-03-18
Anonymous
A better analogy for these e-mail worms is this:
Microsoft is like the construction company that builds the huge tower. For the sake of this analogy (and my own amusement) we'll call this company MacroHard
Joe User bought the building from MacroHard.
MacroHard provides a security service...
The 12kb Bomb
2004-03-18
ersid_
Actually I don't think it's Microsoft's fault to this.. let's talk a bit about the linux/unix systems they are vuln with even smaller codes, can still do the same thing, and maybe harsher. It looks like you're just blaming Microsoft but as I said.. all the o/s systems are probably same vuln as window...
12k isn't impressive
2004-03-18
Grine Biter
Back in the good old days of the Amiga, we had a 1k virus that not only spread itself, but also randomly dialled the home phone of an anti-virus author and played "El Condor Pasa" on the stepper motor of the 3.5" floppy drive.
12k is even less impressive when those 12k depends on several megabyte...
The 12kb Bomb
2004-03-18
Anonymous (1 replies)
There is a potential to find a bug in any OS, any Software, Any protocol at any time in the future. Be it Microsoft, be it Oracle, be it TCP/IP. Point is, user will always be the 8th layer in the OSI Model. And if the 8th layer does not get improved, then tomorrow someone will write 6 kilobytes of ...
The 12kb Bomb
2004-03-18
Anonymous
Speaking of analogy,
In the battle with your enemy, the enemy will always find a way to penetrate with smallest possible way to crumble your fort. That has always been the enemy's strategy from the beginning. If you want to win the war, prepare your warriors to make the best use of their weapons and ...
The 12kb Bomb
2004-03-18
Anonymous (1 replies)
Windows XP is more secure and more stable, but if a user insists on running an application (Outlook for example) as "Administrator," or at the very least as someone with administrator level privileges then any code run is run with that level and damage can be done--that same thing can happen under L...
Bad Analogy and more...
2004-03-18
Josh (1 replies)
I don't think the analogy supplied is valid for a number of reasons. If we want to use the Empire State building as the base object, a 10-lb dog could not deliver its payload to bring the building down. However, a 10-lb block of explosives would have a much better chance of dropping the building. T...
Bad Analogy and more...
2004-03-19
Anonymous
Josh makes some good points but I still think the analogy is a good one. It is easy to get carried away when we try to compare network/OS/Workstation security to physical/human security and the IT security community (antivirus vendors in particular) have a tendency to overblow their job descriptions...
small size
2004-03-18
Anonymous
the ms sql worm had a few hundred bytes in that fit into a single udp packet,
so 12k is not much of an accomplishment (i bet i could fit
a simple backdoor in the sql work in a few hundred bytes more :)
on the other hand: yes - the author did not code it in
visual basic - quite an accomplishment...
The 12kb Bomb
2004-03-18
Anonymous (1 replies)
The 12KB Bomb
2004-03-19
Skatan
and it only takes one line of code to wipe out a hard drive, Here's a better comparison, How big are the patches that fix the issues that allow those worms to spread? I used to find the Automatic Updates service annoying, but with how important the patches are and with an unpatched system most defina...
The 12KB Bomb
2004-03-25
Anonymous
I think the writer missed the vastness of the two main projects (MyDoom and Bagle), or it looks that way from the line relating to kids in parents' basements randomly editing the binaries to make new variants.
That is quite far from the truth in the case of MyDoom, Bagle, and netsky (the latter b...
...
2004-03-27
Anonymous
see there's also one thing many people have forgotten..the more simplistic something is..the less there is to go wrong...you could make a simple udp packet launched work that executes a payload drop of something very very simplistic..in fact you probably use it every day, a basic
"Deltree /y" comm...
remember there is a human element here that you are fighting
2004-03-29
Anon (1 replies)
We all have been looking at this technically but I would also urge you to look at these new events, if you don't already, as an opportunity to try and help change the culture away from causing damage to other people's systems. As you take new technical people under your wing, family friends or whomso...

bravo Kelly!...